Following a cyberattack, a mid-sized automotive supplier completely shut down all its IT systems. The result: production came to a standstill; the damage amounted to more than twelve million euros. An isolated incident? Far from it. According to a Hiscox study, 43 percent of firms have been victim to at least one cyberattack in the last twelve months. But what are the key points to consider if you want to remedy vulnerabilities and comprehensively protect users, IT, and intellectual property against attacks?
According to the country's Federal Office for Information and Security (BSI), more than 117 million new pieces of malware were detected in 2020 in Germany alone. The peak amounted to some 470,000 threats in a single day. These affected companies of all sizes across a range of sectors, particularly mid-sized operations. And, according to the BSI, something else has changed, too: While untargeted mass attacks on random targets were previously favored by hackers, attacks on IT environments have since become increasingly more precise and intelligent. The most popular attacks use phishing and ransomware, with the aim of acquiring client data and intellectual property or encrypting sensitive data, in order to extort sizable ransoms from targets.
The key to successful cyber defense is a holistic strategy for IT security, which looks beyond firewalls and virus scanners. The first task is to ensure endpoint security, such as for clients and servers. Secure email communication, protected internet access, and continuous management of vulnerabilities are all essential for rooting out and remedying potential security gaps within internal IT infrastructure. All of this is made possible with the Magenta Security Shield. In real time, T-Systems analyzes all network connections, processes, or patterns of behavior in the Security Operations Center (SOC) and informs the client about suspicious incidents or unusual user behavior. If the risk of a threat becomes apparent, or should a security incident occur, the experts will put a stop to all processes and remove the attacker from the system.
Email-based security threats increased by 64 percent in 2020, according to a survey from Mimecast. Comprehensive endpoint protection and the protection of emails are essential to the success of any security strategy. Here, endpoint detection and response (EDR) solutions come into play, making any activity across endpoints visible and comprehensible. In addition, all emails are checked and those categorized as hazardous confined in a sandbox. Then the client themselves decides whether the blocked messages should be delivered or deleted.
A key difference when compared with the file-based solutions of firewalls and virus scanners: To ensure no infected files make it into the network, all active processes are examined and subject to behavioral analysis. Continuous analyses based on intelligent algorithms enable the prompt identification of new malware, a dynamic reaction to the threat situation, and a reduction in the number of false positives.
Vulnerability management is an important building block for any security strategy. Vulnerability scans identify gaps in security early on, enabling threats to be dealt with proactively.
Christopher Ehmsen, Head of Portfolio Management & Solution Sales Cybersecurity, T-Systems Austria
A favorite tactic among hackers is gaining entry into company networks via unsecured internet access points. To close this potential point of entry, all web access takes place via a secure gateway. Mechanisms such as a reputation database, online risk scoring, web APT, SSL inspection, or botnet control strengthen protection. If systems make repeated attempts to connect to malicious websites, security analysts in the SOC implement appropriate counter measures to put a stop to the connection process.
Vulnerabilities in operating systems or applications, faulty configurations, or open IP ports: cyber criminals are always finding new points of entry. This is why vulnerability scans are another important building block of any security strategy. They identify vulnerabilities early on and enable threats to be dealt with in a targeted and proactive manner. This minimizes the potential points of attack across the company.
The Magenta Security Shield helps companies master current cybersecurity challenges. They receive cutting-edge, best-of-breed solutions from a single source and benefit from comprehensive security services, including reporting, monthly consultations, and incident response in the event of a crisis. In particular, the Security Shield supports mid-size companies, who would like to effectively protect themselves in spite of limited security expertise and financial resources.
Within the scope of managed services, a team of professional security experts is always on hand, not only to provide monthly consultations on security topics, but also to handle security incidents and defend against attacks.